US20180284026A1 - Ultrahigh Resolution Dynamic IC Chip Activity Detection for Hardware Security - Google Patents


Info

Publication number
US20180284026A1
Authority
US
United States
Prior art keywords
chip
centers
fluorescence
light
clock frequencies
Legal status
Granted
Application number
US15/766,845
Other versions
US11041809B2
Inventor
Linbo Shao
Marko Loncar
Current Assignee
Harvard College
Original Assignee
Harvard College
Application filed by Harvard College
Priority to US15/766,845
Assigned to President and Fellows of Harvard College (assignors: Marko Loncar, Linbo Shao)
Publication of US20180284026A1
Application granted
Publication of US11041809B2
Legal status: Active

Classifications

    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01N INVESTIGATING OR ANALYSING MATERIALS BY DETERMINING THEIR CHEMICAL OR PHYSICAL PROPERTIES
    • G01N 21/00 Investigating or analysing materials by the use of optical means, i.e. using sub-millimetre waves, infrared, visible or ultraviolet light
    • G01N 21/62 Systems in which the material investigated is excited whereby it emits light or causes a change in wavelength of the incident light
    • G01N 21/63 Systems in which the material investigated is excited whereby it emits light or causes a change in wavelength of the incident light, optically excited
    • G01N 21/64 Fluorescence; Phosphorescence
    • G01N 21/6489 Photoluminescence of semiconductors
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01R MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R 1/00 Details of instruments or arrangements of the types included in groups G01R 5/00 - G01R 13/00 and G01R 31/00
    • G01R 1/02 General constructional details
    • G01R 1/06 Measuring leads; Measuring probes
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01R MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R 23/00 Arrangements for measuring frequencies; Arrangements for analysing frequency spectra
    • G01R 23/16 Spectrum analysis; Fourier analysis
    • G01R 23/17 Spectrum analysis; Fourier analysis with optical or acoustical auxiliary devices
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01R MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R 31/00 Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R 31/28 Testing of electronic circuits, e.g. by signal tracer
    • G01R 31/2851 Testing of integrated circuits [IC]
    • G01R 31/2884 Testing of integrated circuits [IC] using dedicated test connectors, test elements or test circuits on the IC under test
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01R MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R 31/00 Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R 31/28 Testing of electronic circuits, e.g. by signal tracer
    • G01R 31/302 Contactless testing
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01R MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R 31/00 Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R 31/28 Testing of electronic circuits, e.g. by signal tracer
    • G01R 31/302 Contactless testing
    • G01R 31/308 Contactless testing using non-ionising electromagnetic radiation, e.g. optical radiation
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01R MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R 31/00 Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R 31/44 Testing lamps
    • G PHYSICS
    • G01 MEASURING; TESTING
    • G01N INVESTIGATING OR ANALYSING MATERIALS BY DETERMINING THEIR CHEMICAL OR PHYSICAL PROPERTIES
    • G01N 2201/00 Features of devices classified in G01N 21/00
    • G01N 2201/06 Illumination; Optics
    • G01N 2201/061 Sources
    • G01N 2201/06113 Coherent sources; lasers

Definitions

  • the present invention is generally related to hardware security of integrated circuits, and more particularly is related to providing dynamic analysis of an integrated circuit to determine whether unpermitted actions are being taken.
  • Thermal imaging can give more insights into which parts of the chip are active, but has large time-scales as repeated operations are needed to heat up certain parts of the chip for them to be observable. Moreover, heat spreading through the package blurs out the image. These are real-time, non-invasive techniques but are severely limited in spatial and temporal resolutions.
  • near-field sensing of the electromagnetic field is more desirable than far-field sensing (more than two wavelengths in distance).
  • near-field sensing of the electromagnetic field is challenging, especially for high-frequency signals, owing to the short wavelength (about 3 cm for a 10 GHz signal) and low intensity (electromagnetic emissions depend on the electrical currents).
  • Embodiments of the present invention provide a system and method for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip.
  • the system contains an IC chip being tested; a diamond slide having nitrogen-vacancy (NV) centers located on the IC chip being tested, where the diamond slide is placed in close proximity to the IC chip, either outside a package of the IC chip or inside the package of the IC chip; a light source for exciting the NV centers, resulting in an NV fluorescence; an imager for providing an optical readout of the NV fluorescence, wherein the optical readout provides quantum states of the NV centers, thereby providing spectra of electromagnetic fields of the IC chip; and a computer in communication with the imager for determining at least one of the group comprising clock frequencies of the IC chip, referred to herein as determined clock frequencies, and data bandwidth of the IC chip, referred to as determined data bandwidth of the IC chip, from the spectra of electromagnetic fields.
  • the present invention can also be viewed as providing methods for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip.
  • a method can be broadly summarized by the following steps: exciting nitrogen-vacancy (NV) centers of a diamond slide located in close proximity to the IC chip via use of light, resulting in an NV fluorescence; providing an optical readout of the NV fluorescence, wherein the optical readout provides quantum states of the NV centers, thereby providing spectra of electromagnetic fields of the IC chip; determining at least one of the group comprising clock frequencies of the IC chip, referred to herein as determined clock frequencies, and data bandwidth of the IC chip, referred to herein as determined data bandwidth of the IC chip, from the spectra of electromagnetic fields of the IC chip; and comparing at least one of the group comprising determined clock frequencies and determined data bandwidth to at least one of the group comprising expected clock frequencies of the IC chip and expected data bandwidth of the IC chip.
  • the present invention can further be viewed as a method for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip, which comprises the steps of: exciting nitrogen-vacancy (NV) centers of a diamond slide located in close proximity to the IC chip via use of light, resulting in an NV fluorescence; providing an optical readout of the NV fluorescence, wherein the optical readout provides quantum states of the NV centers, thereby providing spectra of electromagnetic fields of the IC chip; determining data characteristics of the IC chip from the spectra of electromagnetic fields of the IC chip when the IC chip transmits data; and comparing the determined data characteristics to expected data characteristics of the IC chip to determine if a foreign device or software is affecting the tested IC chip.
  • IC integrated circuit
  • FIG. 1A is a schematic diagram illustrating the detecting of electromagnetic waves using NV centers.
  • FIG. 1B is a schematic diagram illustrating an NV center, which consists of two lattice defects in an otherwise perfect diamond lattice.
  • FIG. 1C is a graph illustrating a simplified level scheme in the ground state of the NV plotted.
  • FIG. 2 is a flowchart summarizing steps performed by the present system and method in the process of detecting a hardware security risk for a tested IC chip.
  • FIG. 3 is a schematic diagram of a chip activity imager, in accordance with the present invention.
  • FIG. 4 illustrates a computer connected to the imager, or CCD array, of FIG. 3.
  • FIG. 5A illustrates RF1 intensity
  • FIG. 5B is a schematic diagram illustrating a micro radio-frequency coupler used to demonstrate the ability of the present invention and associated method.
  • FIG. 5C illustrates RF2 intensity
  • FIGS. 5D-F illustrate the resulting spectra at three typical positions that result from the bias magnetic field B0 being scanned from 22 Gauss to 35 Gauss by an electromagnet.
  • FIG. 6 is a graph illustrating real-time response/ability of the present system and method.
  • the present system and method provides techniques, devices, and systems for ultrahigh spatial resolution detection of near-field electromagnetic emission.
  • the present invention provides a technique that uses negatively charged nitrogen-vacancy (NV-) color centers in diamond.
  • NV- nitrogen-vacancy
  • This technique for dynamic chip activity analysis can analyze electromagnetic emission with spatial resolution down to a single transistor or logic gate level.
  • the present system and method can distinguish the frequencies of electromagnetic emission over a wide band, meaning that it can show the frequency spectra of electromagnetic fields.
  • the present method is non-destructive and will not perturb the functionality of IC chips.
  • the present system and method can also be performed at runtime.
  • the present system and method can obtain fine information of dynamic IC chip behaviors, and provides new ways in chip verification, chip identification, hardware Trojan detection, and side-channel information leak detection.
  • aspects of the present system and method provide a new non-invasive technique for detecting the dynamic electromagnetic emission of IC chips using NV centers in diamond.
  • through an optical readout of the quantum states of NV centers, an IC chip can be imaged by radio-frequency spectrometry at runtime, which leads to several advantages over the prior work in hardware Trojan detection and side-channel attacks.
  • NV centers in diamonds are utilized as sensors, which convert the local electromagnetic fields of the IC chip to optical readout signals, i.e. the signal light generated by the NV centers, which is sent to a Charge-Coupled Device (CCD) array. While diamond slides can easily be placed on the top or bottom of an IC chip, the optical readout can alternatively be performed at a distance, as long as an optical path from the NV centers to the CCD array, or other detector, is secured. Both the detecting light and the signal light lie in the visible band, and thus the optical readout, which consists of the signal light, suffers less noise than radio-frequency signals.
  • CCD Charge-Coupled Device
  • optical readouts of multiple NV centers can be determined simultaneously by using an Electron Multiplying Charge-Coupled Device (EM-CCD), which means that megapixel-scale numbers of NV centers can be read out in a single-shot image.
  • EM-CCD Electron Multiplying Charge-Coupled Device
  • the present technique provides a wide-field ability for detecting over the region of an entire IC chip without requiring position scanning techniques.
  • because NV centers convert information in electromagnetic fields to optical readout signals at positions very close to (i.e. in the near field of) the sources of the electromagnetic field (i.e. elements on IC chips), the electromagnetic field generated by a single element has not yet been blurred out at the position of the NV centers. This is crucial for detecting high-frequency signals, since the high-frequency electromagnetic waves from different elements blur together much faster due to diffraction as they propagate through space.
  • NV centers in diamonds are capable of detecting an electromagnetic field with atomic (sub-nanoscale) spatial resolution.
  • NV centers are atomic defects in the diamond crystal created by a nitrogen atom with a vacancy nearby, and they interact only with the local electrical and magnetic fields. In other words, an NV center detects the electromagnetic field at its own position. These two reasons make the present system and method beneficial for ultrahigh spatial resolution.
  • the optical readout signal of NV centers depends not only on the intensity of electromagnetic field, but also on the frequency of the electromagnetic field. Basically, only the electromagnetic field at the resonant frequency of electrons associated with NV centers will generate an optical readout signal in accordance with the present invention.
  • the resonant frequency can be tuned by applying an external DC magnetic field.
  • the dynamic range of the resonant frequency is from about 500 MHz up to more than 10 GHz, where 2.87 GHz is the resonant frequency without an external magnetic field. Physically, this range is determined by how large the DC magnetic field is. It is noted that, by using a very strong magnet, the range of this example can be exceeded.
  • This tuning can be achieved, for example, by tuning the current of an electromagnet with accuracy better than 100 kHz by a low-cost commercially available electromagnet.
  • the spectra of the electromagnetic fields can be obtained at every position where an NV center is located.
  • the resolution in frequency is limited by quantum coherence time of NV centers, which leads to less than 500 kHz for commercially available diamond samples (e.g. from Element Six Inc).
  • the spectrum of the electromagnetic field provides information about the clock frequencies of IC chips and the data bandwidth of IC chips. Specifically, the location of a peak in the electromagnetic frequency spectrum indicates the clock frequency of the IC chip, while the width of the peak in the spectrum indicates the bandwidth of the IC chip.
  • a spectrum of electromagnetic fields associated with data transmitted by the IC chip may be used, as opposed to, or in addition to, the clock frequencies and data bandwidth of IC chips.
  • the determined clock frequency and bandwidth of the IC chip can be compared to an expected value or range for the IC chip, and/or the data characteristics of the IC chip, as displayed by the electromagnetic frequency spectrum associated with the IC chip during transmission of data, can be compared to expected data characteristics of the IC chip. If there is no match, it is known that a foreign element is located on or affecting the IC chip.
  • the optical signal of NV centers can be captured continuously, thus allowing for real-time detection.
  • an image of optical signals i.e. intensities of NV centers fluorescence
  • This can be further improved by using a high-speed CCD.
  • the present system and method uses a probing light for exciting an electron associated with the negatively charged NV center from its ground state to an excited state.
  • as long as any probing light that is used is isolated from the elements in the IC chip, the present system and method for detection will not have any side effects on the functionality of the IC chip, even if the IC chip is light sensitive.
  • Such isolation can be easily achieved, for example, by depositing a thin layer of any visibly opaque but radio frequency transparent material (e.g. Silicon) on the chip or diamond, so as to block any probing light from elements of the IC chip. Therefore, the present technique is promising for runtime detection of IC chips.
  • a non-invasive real-time analysis technique, device and system is provided that will provide consumers of hardware products (e.g., companies like Microsoft) with the ability to non-destructively analyze the hardware they have purchased and the operation of the nanometer transistors within to ensure hardware (and software) security.
  • populations means the probabilities of an NV being in its different quantum states. For example, an NV may have a 60% probability of being in the spin-0 state and a 40% probability of being in the spin-1 state; according to the nomenclature in the industry, we then say that the population of the spin-0 state is 0.6.
  • An NV center is an atomic-like system in the solid state, which, as illustrated by the schematic diagram of FIG. 1B , consists of two lattice defects in an otherwise perfect diamond lattice: two proximal carbon atoms are knocked out, and one of them is replaced by nitrogen (N) and the other site remains vacant (V).
  • FIG. 1A is a schematic diagram illustrating the detecting of electromagnetic (E&M) waves using NV centers.
  • in FIG. 1A, when illuminated by green light (illustrated by the arrow pointing toward the NV centers, labelled 532 nm), an electron associated with the negatively charged NV center (the electron comes from nearby donors or defects) can be excited from its ground state to the excited state, after which it emits red photons (illustrated by the arrow pointing away from the NV centers, labelled 637-750 nm) and returns to the ground state.
  • D0 = 2.87 GHz is the zero-field splitting.
  • B0 is the bias DC magnetic field as applied by an electromagnet.
  • the dip indicates the frequency fd of the electromagnetic field.
  • the inset illustrates the simplified energy diagram of the NV quantum states, with the energy separation fi, which is determined by the zero-field splitting D0 and the bias magnetic field B0.
  • the probability of photon emission after green illumination is dependent on the spin state of the electron: in spin state
  • This feature has been used to perform very sensitive magnetic field measurements by applying a combination of green laser pulses and microwave fields at 2.87 GHz. Since the size of an NV center is basically the size of two atoms, the spatial resolution enabled by this system is very high, and is typically limited by the optical components (e.g. microscope objective, CCD) used to image the emitted red photons, as described below.
  • the present technique for the detection of electromagnetic fields using NV centers may be described as follows.
  • the spin of an NV electron is first prepared in the
  • the NVs will then be
  • the spin state will be changed to
  • the fluorescence intensity of NV centers will be lowered. Therefore, by sweeping the intensity of the external magnetic field (e.g., using an electromagnet, as described below) a wide range of radio-frequency and microwave frequencies can be probed, and spectral analysis of electromagnetic signals originating from an IC of interest can be performed.
  • the spectral analysis may entail, as a non-limiting example, finding peaks in the spectrum, measuring width of each peak, determining relationships between peaks, or other methods of performing such spectral analysis.
  • FIG. 2 is a flowchart 10 summarizing steps performed by the present system and method in the process of detecting a hardware security risk for a tested IC chip. These steps are described in further detail within the present detailed description. It should be noted that any process descriptions or blocks in flowcharts should be understood as representing modules, segments, portions of code, or steps that include one or more instructions for implementing specific logical functions in the process, and alternate implementations are included within the scope of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
  • the present system scans the resonant frequency of the NV centers to obtain spectra of electromagnetic fields associated with an IC chip being tested.
  • the spectrum of the electromagnetic field is then analyzed to provide information about the clock frequencies of the IC chip and the data bandwidth of the IC chip (block 30).
  • a spectrum of electromagnetic fields associated with data transmitted by the IC chip may be analyzed as well.
  • a comparison is then performed between the determined clock frequencies and bandwidth of the IC chip being tested to expected predefined clock frequencies and bandwidth of the IC chip being tested to determine if a foreign device or software is affecting the tested IC chip.
  • data characteristics of the IC chip as displayed by the electromagnetic frequency spectrum associated with the IC chip during transmission of data can be compared to expected data characteristics of the IC chip to determine if a foreign device or software is affecting the tested IC chip.
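The sweep-and-compare procedure described in the preceding bullets (tune the NV resonance with the bias field B0, read the position of the fluorescence dip as the clock frequency and its width as the bandwidth, then compare both with the expected range for the chip), worked through end to end. This is an added example and not the patent's own code. It assumes the upper-branch NV resonance f = D0 + gamma*B0 with B0 aligned to the NV axis, the textbook gyromagnetic ratio of about 2.8 MHz per Gauss (a known constant that does not appear on the page), a Lorentzian line shape for each emission, and a constructed fluorescence sweep over the 22 to 35 Gauss range named in FIG. 5D-F; the function names are mine.

```python
"""Added example (not from the patent): NV-center RF spectrometry data path.

Sweeping the bias field B0 moves the NV resonance f = D0 + gamma*B0. When an
emission line of the chip coincides with the resonance, spin population is
transferred out of the bright spin-0 state and the fluorescence dips. The dip
position gives the clock frequency, the dip width the bandwidth, and both are
compared with the expected range for the chip. All sample data is constructed.
"""

D0_MHZ = 2870.0        # zero-field splitting D0 = 2.87 GHz (stated on the page)
GAMMA_MHZ_PER_G = 2.8  # NV gyromagnetic ratio, ~2.8 MHz/Gauss (known constant, not on the page)


def field_to_frequency_mhz(b0_gauss):
    """Upper-branch NV resonance at bias field B0 (assumes B0 along the NV axis)."""
    return D0_MHZ + GAMMA_MHZ_PER_G * b0_gauss


def lorentzian_dip(f_mhz, center_mhz, fwhm_mhz, contrast):
    """Fractional fluorescence loss caused by one emission line (Lorentzian shape)."""
    half = fwhm_mhz / 2.0
    return contrast * half * half / ((f_mhz - center_mhz) ** 2 + half * half)


def simulate_readout(b0_values, emission_lines):
    """Constructed imager readout: normalised NV fluorescence at each B0 step.

    emission_lines: list of (center_mhz, fwhm_mhz, contrast) for the chip's emissions.
    """
    freqs, intensity = [], []
    for b0 in b0_values:
        f = field_to_frequency_mhz(b0)
        freqs.append(f)
        intensity.append(1.0 - sum(lorentzian_dip(f, c, w, k) for c, w, k in emission_lines))
    return freqs, intensity


def _crossing(f_a, d_a, f_b, d_b, target):
    """Frequency at which the linearly interpolated depth equals `target`."""
    if d_b == d_a:
        return f_a
    return f_a + (target - d_a) * (f_b - f_a) / (d_b - d_a)


def find_dips(freqs, intensity, min_depth=0.01):
    """Locate fluorescence dips; returns [(center_mhz, fwhm_mhz, depth), ...].

    Depth is measured against the brightest sample of the sweep; the width is
    the full width at half depth, interpolated between sweep steps.
    """
    baseline = max(intensity)
    depth = [baseline - v for v in intensity]
    n = len(depth)
    dips = []
    for i in range(1, n - 1):
        if depth[i] < min_depth or not (depth[i - 1] <= depth[i] > depth[i + 1]):
            continue  # not a local maximum of the dip depth
        half = depth[i] / 2.0
        j = i
        while j > 0 and depth[j] > half:
            j -= 1
        left = _crossing(freqs[j], depth[j], freqs[j + 1], depth[j + 1], half)
        k = i
        while k < n - 1 and depth[k] > half:
            k += 1
        right = _crossing(freqs[k - 1], depth[k - 1], freqs[k], depth[k], half)
        dips.append((freqs[i], right - left, depth[i]))
    return dips


def compare_with_expected(dips, expected_clock_mhz, clock_tol_mhz, max_bandwidth_mhz):
    """Comparison step: each determined (clock, bandwidth) pair against the expected range."""
    findings = []
    for center, fwhm, depth in dips:
        findings.append({
            "clock_mhz": round(center, 2),
            "bandwidth_mhz": round(fwhm, 2),
            "clock_ok": abs(center - expected_clock_mhz) <= clock_tol_mhz,
            "bandwidth_ok": fwhm <= max_bandwidth_mhz,
        })
    unexplained = [f for f in findings if not (f["clock_ok"] and f["bandwidth_ok"])]
    verdict = "foreign activity suspected" if unexplained else "matches expected"
    return verdict, findings


def run_example():
    """B0 swept from 22 to 35 Gauss (the range in FIG. 5D-F) in 0.05 G steps."""
    b0_values = [22.0 + 0.05 * i for i in range(261)]
    # Constructed emissions: the expected 2940 MHz clock (0.8 MHz wide) plus a
    # broader, unexpected line at 2960 MHz standing in for a foreign emitter.
    emission_lines = [(2940.0, 0.8, 0.20), (2960.0, 3.0, 0.10)]
    freqs, intensity = simulate_readout(b0_values, emission_lines)
    dips = find_dips(freqs, intensity)
    verdict, findings = compare_with_expected(dips, expected_clock_mhz=2940.0,
                                              clock_tol_mhz=1.0, max_bandwidth_mhz=1.5)
    return dips, verdict, findings


if __name__ == "__main__":
    dips, verdict, findings = run_example()
    for finding in findings:
        print(finding)
    print(verdict)
```

Running the block prints one finding per dip and the verdict; the expected clock line is accepted and the off-frequency line is flagged. The `min_depth` threshold keeps read-out noise from registering as a dip, and on a real instrument the narrowest width that can be resolved is bounded by the NV coherence-limited frequency resolution the page quotes (under 500 kHz for commercial samples), so widths near that limit say more about the sensor than about the chip.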
  • FIG. 3 is a schematic diagram of a chip activity imager 100, in accordance with the present invention. It should be noted that FIG. 3 is provided for exemplary purposes only, and is not intended to limit the present system and method to merely using the components illustrated.
  • the chip activity imager 100 provides detection techniques as described in accordance with the present system and method.
  • An IC chip which is to be tested, is referred to herein as a target IC chip.
  • the target IC chip 102 is placed under a diamond slide 104 with NV centers. If the IC chip 102 is sensitive to visible light, an isolation layer 106 can be located on the IC chip 102, which blocks both the probe light, as described below, and the NV fluorescence (i.e., the optical readout signal) from the IC chip 102.
  • the diamond slide 104, or diamond chip, in accordance with the present invention merely needs to be placed in close proximity to the target IC chip 102, either outside the IC package, as illustrated by FIG. 3, or inside the package.
  • the diamond is embedded with a sheet of NV- centers below the surface of the diamond (for instance, but not limited to, about 10 nm below the surface), either during diamond growth or via ion implantation of nitrogen into ultrapure synthetic diamond substrates.
  • a probe laser 110, or other source of light, is used to excite the NV centers, so that the quantum states of the NV centers can be optically read out from the intensity of the fluorescence.
  • the probe laser 110 may emit green light, with a range of emission between 450 nm and 650 nm. It should be noted that, while a 532 nm green laser is given as an example of the probe laser 110, a different probe laser may be used.
  • the source of light need not be a laser, but instead a light emitting diode, mercury lamp, filtered white light, or other source of light capable of causing excitement may be used.
  • the probe laser 110, after passing through a beam splitter 130, is focused at the NV centers by an objective 112.
  • the objective 112 may be any device capable of focusing the beam emitted by the probe laser 110 so that it is focused at the NV centers.
  • An electromagnet 114 is used to apply an external bias DC magnetic field.
  • the external DC magnetic field tunes the resonant frequency of the NV centers; only an electromagnetic field of the IC chip at that resonant frequency changes the NV fluorescence that is read out.
  • the external magnetic field therefore also determines which frequencies of the electromagnetic field are viewed via an imager, shown in the present figure as a CCD array 120.
  • the imager may be a different device, such as, but not limited to, CCD camera or a CMOS camera.
  • the resonant frequency corresponds to a certain voltage/current applied to the electromagnet.
  • the resonant frequency may correspond to a certain distance from a permanent magnet to the NV centers. Tuning can be achieved, for example, by tuning the current of an electromagnet with accuracy better than 100 kHz by a low-cost commercially available electromagnet.
  • the CCD array is a cooled EM-CCD array.
  • the NV centers are interrogated using luminescent measurement in a wide-field microscope: green light, for example, from a solid-state laser is used to excite NV centers over a wide field of view and red photons emitted from the NVs are imaged using the EM-CCD array 120 .
  • the likelihood of an NV- center emitting a photon after absorbing one green photon is directly proportional to the spin state of its electron, which in turn is very sensitive to the NV's electromagnetic environment. This allows the intensity and spatial profile of the emitted RF field to be directly imaged on the CCD array 120.
  • the frequency of RF signal that NV responds to can be dynamically controlled using the external electromagnet 114 .
  • each NV center plays the role of an atomic-scale RF spectrum analyzer. Using many NVs at the same time, information about the frequency, intensity and spatial profile of the RF field can be easily obtained.
  • Receipt of the NV center emission by the CCD array 120 results in an optical readout of NVs, where the quantum states of NV centers are read out, thus imaging the IC chip and performing radio-frequency spectrometry at runtime.
  • the optical readout of NVs results in the spectra of electromagnetic fields of the IC chip being tested.
  • the CCD array 120 is preferably connected to a computer 200, as illustrated by FIG. 4, for processing the spectra of electromagnetic fields of the IC chip being tested.
  • the computer 200 is capable of taking the spectrum of electromagnetic field of the IC chip tested and determining clock frequencies of the IC chip and data bandwidth of the IC chip.
  • a spectrum of electromagnetic fields associated with data transmitted by the IC chip may also be analyzed, with that spectrum being received by the CCD array 120.
  • the computer 200 compares determined clock frequencies and bandwidth of IC chip to a predefined clock frequency and bandwidth of the IC chip to determine if a foreign device, or software, is located on the tested IC chip.
  • an expected range of IC chip clock frequency and data bandwidth is predefined and stored either within a storage device of the computer 200 , or at a remote location capable of being accessed by the chip activity imager 100 , such as via a local area network, or wirelessly via the internet.
  • the expected range is considered to be the normal functioning range of the IC chip. Determined values outside of these ranges indicate a foreign presence.
  • data characteristics of the IC chip as displayed by the electromagnetic frequency spectrum associated with the IC chip during transmission of data can be compared to expected data characteristics of the IC chip to determine if a foreign device or software is affecting the tested IC chip.
  • the present chip activity imager (CHAI) 100 and method operate in two configurations: CHAI-IN and CHAI-OUT. In addition, in each configuration it can run in one of two modes: stimulated and passive. In stimulated mode, custom test programs are loaded onto the processor to stimulate (or inhibit) activity of specific functional units of the processor, which enables analysis of the structure of the chip and of which functional units are active. The stimulated mode and the data obtained from it can be used to build a model of the processor chip. The model of the chip has two parts: physical structure and operational behavior. In passive mode, the CHAI 100 only measures fluorescence, while the processor chip is running under control of whatever operating system and programs it would usually run.
  • the fluorescence measurements combined with the model of the chip built during the stimulated operation will reveal information about software running on the chip, such as what it is doing by observing which functional units are triggered.
  • Memory access patterns can be observed by analyzing activity in the caches and external memory and I/O by analyzing activity in the memory controller or the uncore components.
  • the chip activity imager 100 can provide “images” of the physical structure of the chip, which is the layout of the processor chip. This information may be obtained from CHAI stimulated mode. By stimulating specific portions of the processor (e.g. the arithmetic logic unit, ALU), the fluorescence of the chip during stimulated operations will reveal which part of the chip is the ALU.
  • ALU arithmetic logic unit
  • One benefit of the chip activity imager is that it creates images similar to die photos—but not destructively, and ones that dynamically show chip activity.
  • the chip activity imager can also provide operational behavior, which is the analysis of which parts of the chip are active when processing certain instruction streams. Moreover, certain portions of the chip may turn off for power savings or change operational frequency (DVFS). Observing the chip's responses to different instructions is crucial for later analysis of what is going on when an unknown program is running on the chip.
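The two-mode workflow of the preceding bullets (build a model of the chip's physical structure from stimulated-mode images, then interpret passive-mode fluorescence against that model), as an added example that is not part of the patent. The patent describes the model and the modes but no specific matching algorithm; the thresholded footprint per functional unit, the fractional-coverage rule for calling a unit active, and the reporting of active pixels that no known unit explains are my simplifications, and the 8x8 activity maps are constructed.

```python
"""Added example (not from the patent): CHAI stimulated-mode model, passive-mode inference.

Stimulated mode exercises one functional unit at a time and records which region
of the die brightens; that gives the physical-structure part of the chip model.
Passive mode records the chip running its normal workload; the image is matched
against the model to list the active units, and active pixels covered by no
modelled unit are reported as unexplained activity. Images are constructed.
"""

GRID = 8  # constructed: an 8x8 map of NV fluorescence contrast over the die


def blank():
    """A fresh all-zero activity map."""
    return [[0.0] * GRID for _ in range(GRID)]


def paint(image, rows, cols, level):
    """Constructed helper: raise activity in a rectangular die region (in place)."""
    for r in rows:
        for c in cols:
            image[r][c] = max(image[r][c], level)
    return image


def build_model(stimulated_images, threshold=0.5):
    """Stimulated mode: each unit's footprint is the set of pixels its test program lit up."""
    model = {}
    for unit, image in stimulated_images.items():
        model[unit] = {(r, c) for r in range(GRID) for c in range(GRID)
                       if image[r][c] >= threshold}
    return model


def infer_activity(model, passive_image, threshold=0.5, min_fraction=0.5):
    """Passive mode: returns (active units, unexplained active pixels, coverage per unit).

    A unit counts as active when at least `min_fraction` of its footprint is lit,
    so partially exercised units (e.g. a power-gated half) are still reported.
    """
    active_pixels = {(r, c) for r in range(GRID) for c in range(GRID)
                     if passive_image[r][c] >= threshold}
    coverage = {unit: len(footprint & active_pixels) / len(footprint)
                for unit, footprint in model.items()}
    active_units = sorted(unit for unit, frac in coverage.items() if frac >= min_fraction)
    explained = set().union(*model.values())
    unexplained = sorted(active_pixels - explained)
    return active_units, unexplained, coverage


def run_example():
    # Stimulated mode: one test program per functional unit (constructed images).
    stimulated = {
        "ALU": paint(blank(), range(0, 3), range(0, 3), 0.9),
        "L1 cache": paint(blank(), range(0, 3), range(5, 8), 0.8),
        "memory controller": paint(blank(), range(6, 8), range(0, 8), 0.7),
    }
    model = build_model(stimulated)
    # Passive mode: a workload exercising the ALU and L1 cache, plus activity in
    # a region (rows 4-5, cols 3-4) that no stimulated unit ever lit up.
    passive = blank()
    paint(passive, range(0, 3), range(0, 3), 0.85)
    paint(passive, range(0, 3), range(5, 8), 0.75)
    paint(passive, range(4, 6), range(3, 5), 0.6)
    return infer_activity(model, passive)


if __name__ == "__main__":
    active_units, unexplained, coverage = run_example()
    print("active units:", active_units)
    print("coverage:", coverage)
    print("unexplained active pixels:", unexplained)
```

Unexplained pixels are the interesting output for the hardware-security use the page describes: activity in a die region that no legitimate functional unit ever produced during stimulation is exactly the kind of mismatch the comparison step is meant to surface. On a real image the thresholds would be set from the noise floor of the stimulated-mode captures rather than fixed constants.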
  • the IC chip that is being analyzed does not require any particular treatment, and thus the diamond (which may optionally include an isolation layer) can simply be placed on the surface of the IC chip. Since it is typical for both the IC chip and the diamond slide to be precisely polished, they can make a good contact when placed together. For instance, when analyzing a Flip-Chip Pin Grid Array (FC-PGA) package, in which the bottom of the chip (die) is exposed, the diamond slides used for detection can be easily placed on the exposed side of chip.
  • FC-PGA Flip-Chip Pin Grid Array
  • the present system and method can be integrated into a device that is typically already on hand. Solid-state laser diodes, MEMS electromagnets, CCD or CMOS image sensors, and compact optical components make miniaturization of the proposed technique possible, so the system and method can be combined with everyday devices much as a green laser pointer can be combined with a cell phone camera.
  • FIG. 4 further illustrates a general computer 200 that may be used in accordance with the present system and method.
  • the computer 200 includes a processor 212, memory 220, storage device 230, and one or more input and/or output (I/O) devices 232 (or peripherals) that are communicatively coupled via a local interface 234.
  • the local interface 234 can be, for example but not limited to, one or more buses or other wired or wireless connections, as is known in the art.
  • the local interface 234 may have additional elements, which are omitted for simplicity, such as controllers, buffers (caches), drivers, repeaters, and receivers, to enable communications. Further, the local interface 234 may include address, control, and/or data connections to enable appropriate communications among the aforementioned components.
  • the processor 212 is a hardware device for executing software, particularly that stored in the memory 220 .
  • the processor 212 can be any custom made or commercially available processor, a central processing unit (CPU), an auxiliary processor among several processors, a semiconductor based microprocessor (in the form of a microchip or chip set), a macroprocessor, or generally any device for executing software instructions.
  • the memory 220 can include any one or combination of volatile memory elements (e.g., random access memory (RAM, such as DRAM, SRAM, SDRAM, etc.)) and nonvolatile memory elements (e.g., ROM, hard drive, tape, CDROM, etc.). Moreover, the memory 220 may incorporate electronic, magnetic, optical, and/or other types of storage media. Note that the memory 220 can have a distributed architecture, where various components are situated remote from one another, but can be accessed by the processor 212 .
  • the software 222 in the memory 220 may include one or more separate programs, each of which contains an ordered listing of executable instructions for implementing logical functions of the computer 200 , as previously described.
  • the software 222 in the memory 220 defines the computer 200 functionality in accordance with the present invention.
  • the memory 220 may contain an operating system (O/S) 236 .
  • the operating system 236 essentially controls the execution of computer programs and provides scheduling, input-output control, file and data management, memory management, and communication control and related services.
  • the software 222 may be provided as a source program, executable program (object code), script, or any other entity containing a set of instructions to be performed.
  • when provided as a source program, the program needs to be translated via a compiler, assembler, interpreter, or the like, which may or may not be included within the memory 220, so as to operate properly in connection with the O/S 236.
  • the program can be written in (a) an object-oriented programming language, which has classes of data and methods, or (b) a procedural programming language, which has routines, subroutines, and/or functions.
  • the I/O devices 232 may include input devices, for example but not limited to, a touch screen, a keyboard, mouse, scanner, microphone, or other input device. Furthermore, the I/O devices 232 may also include output devices, for example but not limited to, a display, or other output devices. The I/O devices 232 may further include devices that communicate via both inputs and outputs, for instance but not limited to, a modulator/demodulator (modem; for accessing another device, system, or network), a radio frequency (RF), wireless, or other transceiver, a telephonic interface, a bridge, a router, or other devices that function both as an input and an output.
  • when the computer 200 is in operation, the processor 212 is configured to execute the software 222 stored within the memory 220, to communicate data to and from the memory 220, and to generally control operations of the computer 200 pursuant to the software 222.
  • the software 222 and the O/S 236 in whole or in part, but typically the latter, are read by the processor 212 , perhaps buffered within the processor 212 , and then executed.
  • a computer readable medium is an electronic, magnetic, optical, or other physical device or means that can contain or store a computer program for use by or in connection with a computer related system or method.
  • the functionality can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions.
  • a “computer-readable medium” can be any means that can store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
  • the computer readable medium can be, for example but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. More specific examples (a nonexhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic) having one or more wires, a portable computer diskette (magnetic), a random access memory (RAM) (electronic), a read-only memory (ROM) (electronic), an erasable programmable read-only memory (EPROM, EEPROM, or Flash memory) (electronic), an optical fiber (optical), and a portable compact disc read-only memory (CDROM) (optical).
  • the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
  • the storage device 230 of the computer 200 may be one of many different types of storage device, including a stationary storage device or portable storage device.
  • the storage device 230 may be a magnetic tape, disk, flash memory, volatile memory, or a different storage device.
  • the storage device may be a secure digital memory card or any other removable storage device 230 .
  • the storage device stores predefined IC chip expected clock frequencies and bandwidths.
  • the bias magnetic field B0 is scanned from 22 Gauss to 35 Gauss by an electromagnet.
  • the spectra at three typical positions are shown in FIGS. 5D-F.
  • the depth of each dip indicates the intensity of the electromagnetic field at the corresponding frequency.
  • at the first of the three positions, the intensity of the electromagnetic field at RF1 is much weaker than the intensity at RF2, while at position B the two intensities are almost the same, and at position C the intensity at RF1 is much stronger.
  • a set of three dips is seen instead of a single dip because of the hyperfine interaction between the NV electron spin and the nitrogen nuclear spin. Comparing the frequency obtained by fitting the spectra with the frequency of the applied RF signals read from the RF generator, the frequency accuracy is about 0.1 MHz.
  • by reading the intensity at RF1 and RF2 at every pixel, images of the intensity of the electromagnetic field are obtained, shown in FIGS. 5A and 5C, respectively.
  • each image shows the spatial distribution of the electromagnetic field at RF1 and RF2, respectively.
  • the imaging result is consistent with numerical simulations in Microwave Office (RF simulation software from National Instruments).
  • the real-time detection capability of NV centers is demonstrated by monitoring the frequency drift of the electromagnetic field under observation.
  • a radio-frequency signal with a slowly varying frequency (frequency modulation) is delivered to the NV centers using the transmission line mentioned above.
  • the frequency of the radio-frequency signal is modulated by a sine, triangle, or rectangular function with a modulation amplitude of 200 kHz.
  • the frequency drift can be optically read out in real time.
  • the frequency of a signal is crucial for an IC, and thus monitoring the frequency helps to obtain the activity of the IC chip, such as its bandwidth and operating state (e.g. sleep, standby or high-performance mode).
  • the present system and method can further be optimized for large-area detection, weak-signal detection, the optical readout process, and data processing methods. Purpose-designed chips with radio-frequency features, or simple IC chips, can be analyzed next, and the technique can be applied to IC chip activity of increasing complexity (e.g., an FPGA or a microcontroller board). Beneficially, the dynamic activities of an IC chip can be shown when the chip is configured for various functions or when various code is running on it.
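As an added example, not part of the patent text, the following Python code shows the kind of check the frequency monitoring above enables. Each readout frame (one per 35 ms, the EM-CCD interval quoted on this page) is assumed to yield one dominant emission frequency; the frequency is mapped onto a hypothetical table of expected DVFS operating states, a state change is accepted only after two consecutive agreeing frames, and any frame whose frequency matches no expected state is reported, since an operating frequency the chip is not expected to run at is exactly the kind of deviation that indicates a foreign element. The state table, the tolerances and the frame sequence are constructed for illustration and are not measurements.

```python
"""Added example: map per-frame NV readout frequencies onto expected operating states
and flag frames whose frequency belongs to no expected state."""
from typing import Dict, List, Optional, Sequence, Tuple

FRAME_S = 0.035  # EM-CCD frame interval quoted on the page (35 ms)

# Hypothetical stored table for the chip under test: state -> (centre_hz, tolerance_hz).
# These values are constructed for the example, not taken from any real device.
STATES: Dict[str, Tuple[float, float]] = {
    "sleep": (0.8e9, 5e6),
    "standby": (1.6e9, 5e6),
    "high_perf": (3.2e9, 5e6),
}


def classify(f_hz: float, states: Dict[str, Tuple[float, float]]) -> Optional[str]:
    """Name of the expected state whose window contains f_hz, or None if no state matches."""
    for name, (centre, tol) in states.items():
        if abs(f_hz - centre) <= tol:
            return name
    return None


def track_states(frames: Sequence[float],
                 states: Dict[str, Tuple[float, float]] = STATES,
                 debounce: int = 2) -> Tuple[List[Tuple[float, str]], List[Tuple[float, float]]]:
    """Return (timeline, alerts).

    timeline: (t_start_s, state) entries; a new state is entered only after `debounce`
    consecutive frames agree, which suppresses single-frame readout glitches.
    alerts: (t_s, f_hz) for every frame whose frequency matches no expected state.
    """
    timeline: List[Tuple[float, str]] = []
    alerts: List[Tuple[float, float]] = []
    current: Optional[str] = None
    candidate: Optional[str] = None
    count = 0
    for idx, f in enumerate(frames):
        t = idx * FRAME_S
        label = classify(f, states)
        if label is None:
            alerts.append((t, f))          # unknown frequency: report, never adopt
            candidate, count = None, 0
            continue
        if label == current:
            candidate, count = None, 0     # still in the accepted state
            continue
        if label == candidate:
            count += 1
        else:
            candidate, count = label, 1
        if count >= debounce:
            current = label
            timeline.append((round((idx - debounce + 1) * FRAME_S, 3), label))
            candidate, count = None, 0
    return timeline, alerts


# Constructed frame sequence (not a measurement): sleep -> standby -> high performance,
# one glitch frame at standby, then two frames at a frequency no expected state uses.
CONSTRUCTED_FRAMES: List[float] = (
    [0.8e9] * 3 + [1.6e9] * 4 + [3.2e9] * 5 + [1.6e9] + [3.2e9] * 2 + [2.4e9] * 2 + [3.2e9] * 2
)

if __name__ == "__main__":
    timeline, alerts = track_states(CONSTRUCTED_FRAMES)
    for t, state in timeline:
        print("%.3f s  enter %s" % (t, state))
    for t, f in alerts:
        print("%.3f s  ALERT: %.3f GHz matches no expected state" % (t, f / 1e9))
```

The debounce is what keeps a single mis-fitted frame from being reported as a state transition; an unexpected frequency, by contrast, is reported on every frame it appears, because suppressing it would hide the very signal this monitoring exists to catch.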

Abstract

A system and method for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip is provided. One embodiment of the method includes exciting nitrogen-vacancy (NV) centers of a diamond slide located in close proximity to the IC chip by means of light, resulting in NV fluorescence; and providing an optical readout of the NV fluorescence, wherein the optical readout provides the quantum states of the NV centers, thereby providing spectra of the electromagnetic fields of the IC chip. A determination is then made of at least one of the group comprising the clock frequencies of the IC chip, referred to herein as determined clock frequencies, and the data bandwidth of the IC chip, referred to herein as determined data bandwidth of the IC chip, from the spectra of electromagnetic fields of the IC chip. A comparison is then performed, comparing at least one of the group comprising the determined clock frequencies and the determined data bandwidth to the corresponding expected clock frequencies and expected data bandwidth of the IC chip.

Description

    CROSS-REFERENCE TO RELATED APPLICATION
  • This application claims priority to copending U.S. Provisional application entitled, “ULTRAHIGH RESOLUTION DYNAMIC IC CHIP ACTIVITY DETECTION FOR HARDWARE SECURITY,” having Ser. No. 62/239,045, filed Oct. 8, 2015, which is entirely incorporated herein by reference.
  • FIELD OF THE INVENTION
  • The present invention is generally related to hardware security of integrated circuits, and more particularly is related to providing dynamic analysis of an integrated circuit to determine whether unpermitted actions are being taken.
  • BACKGROUND
  • Ubiquitous issues with software malware, as well as the lack of deep insight into the inner workings of the processor chip as it executes individual instructions, require a new approach for securing mission-critical software. Today, advanced malware can hide inside the operating system or hypervisor (i.e., rootkits), making it difficult to rely on anti-virus or other software defenses to correctly report the state of the system; external methods are needed to observe the operation of the software and the processor. Meanwhile, existing methods based on electromagnetic (EM) emanation analysis require discrete antennas and have low spatial resolution with respect to the size of the processor chip: only the bulk signature of software operation is observable, and the software's use of individual functional units is not. Thermal imaging can give more insight into which parts of the chip are active, but operates on large time scales, since repeated operations are needed to heat up parts of the chip enough for them to be observable; moreover, heat spreading through the package blurs the image. These are real-time, non-invasive techniques, but they are severely limited in spatial and temporal resolution.
  • In addition to software issues, the ubiquitous presence of integrated circuit (IC) chips and the globalization of microelectronics design and manufacturing provide ample opportunity for the concealment of hardware Trojans or other modifications in ICs. Presently, real-time, non-invasive analysis of the dynamic activities in processors is not available, yet there are constant fears about hidden hardware Trojans inserted into commodity hardware. Malicious components can leak information and bypass operating system (OS) and hypervisor-based protection mechanisms. Even if the hardware is correct, kernel and hypervisor rootkits can manipulate (e.g. disable) certain hardware features without visible side effects.
  • In recent years, hardware security has been a serious concern in military, financial and government computing infrastructures, as well as in household appliances and consumer privacy. The ubiquitous presence of integrated circuits (ICs) and the globalization of microelectronics design and manufacturing increase the potential for technical vulnerabilities. On the one hand, an adversary can implant hardware Trojans that may disable and/or destroy a system at a future time, or covertly leak confidential information and secret keys. These hardware Trojans are extremely hard to detect because the scale of the alteration is tiny compared with the entire chip design, the nanoscale feature sizes of advanced IC fabrication are challenging to monitor, and the conditions that trigger a Trojan circuit are unknown. On the other hand, side-channel cryptanalysis has successfully attacked many cryptographic implementations. Side-channel attacks bypass the theoretical strength of cryptographic algorithms by exploiting weaknesses in the hardware implementation, including power consumption, electromagnetic radiation, light, timing, and sound. Nearly all types of IC chips, including application-specific integrated circuits (ASICs), field programmable gate arrays (FPGAs), digital signal processors (DSPs), microprocessors, microcontrollers, and analog and digital sensors, can be susceptible to both hardware Trojans and side-channel attacks. In particular, chips from untrusted sources or with defective designs can significantly increase vulnerability and compromise hardware security. For example, companies like Microsoft rely on genuine and secure hardware for the operation of their data and cloud computing offerings, yet they have little to no insight into what is going on in the hardware of the processors powering their servers, especially at runtime.
  • Several efforts, including analyzing hardware description language code for hidden functionality, split manufacturing to prevent the insertion of hidden Trojans, and destructive teardowns of hardware, have been made to address concerns about hardware integrity. While side-channel attacks have been demonstrated by, for example, measuring runtime power consumption, thermal imaging (i.e. infrared radiation), and electromagnetic emission, those techniques fall far short of what is needed to detect hardware Trojans. Detecting electromagnetic emission is very promising, since many elements of an IC chip, including clock networks, signal lines, and transistors, radiate electromagnetic waves during operation, and both amplitude modulation and frequency modulation have been observed in electromagnetic emission at runtime. Since most of the information contained in electromagnetic emission is confined within less than one wavelength (i.e. the near field) of the emission sources (e.g. transistors), near-field sensing of the electromagnetic field is preferable to far-field sensing (more than two wavelengths away). However, near-field sensing is challenging, especially for high-frequency signals, owing to the short wavelength (about 3 cm for a 10 GHz signal) and low intensity (electromagnetic emission depends on the electrical currents involved).
  • Thus, a heretofore unaddressed need exists in the industry to address the aforementioned deficiencies and inadequacies.
  • SUMMARY OF THE INVENTION
  • Embodiments of the present invention provide a system and method for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip. Briefly described, in architecture, one embodiment of the system, among others, can be implemented as follows. The system contains an IC chip being tested; a diamond slide having nitrogen-vacancy (NV) centers located on the IC chip being tested, where the diamond slide is placed in close proximity to the IC chip, either outside the package of the IC chip or inside it; a light source for exciting the NV centers, resulting in NV fluorescence; an imager for providing an optical readout of the NV fluorescence, wherein the optical readout provides the quantum states of the NV centers, thereby providing spectra of the electromagnetic fields of the IC chip; and a computer in communication with the imager for determining at least one of the group comprising the clock frequencies of the IC chip, referred to herein as determined clock frequencies, and the data bandwidth of the IC chip, referred to as determined data bandwidth of the IC chip, from the spectra of electromagnetic fields of the IC chip.
  • The present invention can also be viewed as providing methods for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip. In this regard, one embodiment of such a method, among others, can be broadly summarized by the following steps: exciting nitrogen-vacancy (NV) centers of a diamond slide located in close proximity to the IC chip by means of light, resulting in NV fluorescence; providing an optical readout of the NV fluorescence, wherein the optical readout provides the quantum states of the NV centers, thereby providing spectra of the electromagnetic fields of the IC chip; determining at least one of the group comprising the clock frequencies of the IC chip, referred to herein as determined clock frequencies, and the data bandwidth of the IC chip, referred to herein as determined data bandwidth of the IC chip, from the spectra of electromagnetic fields of the IC chip; and comparing at least one of the group comprising the determined clock frequencies and the determined data bandwidth to at least one of the group comprising the expected clock frequencies of the IC chip and the expected data bandwidth of the IC chip.
  • The present invention can further be viewed as a method for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip, which comprises the steps of: exciting nitrogen-vacancy (NV) centers of a diamond slide located in close proximity to the IC chip by means of light, resulting in NV fluorescence; providing an optical readout of the NV fluorescence, wherein the optical readout provides the quantum states of the NV centers, thereby providing spectra of the electromagnetic fields of the IC chip; determining data characteristics of the IC chip from the spectra of electromagnetic fields of the IC chip when the IC chip transmits data; and comparing the determined data characteristics to the expected data characteristics of the IC chip to determine whether a foreign device or software is affecting the tested IC chip.
  • Other systems, methods, features, and advantages of the present invention will be or become apparent to one with skill in the art upon examination of the following drawings and detailed description. It is intended that all such additional systems, methods, features, and advantages be included within this description, be within the scope of the present invention, and be protected by the accompanying claims.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • Many aspects of the invention can be better understood with reference to the following drawings. The components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present invention. Moreover, in the drawings, like reference numerals designate corresponding parts throughout the several views.
  • FIG. 1A is a schematic diagram illustrating the detecting of electromagnetic waves using NV centers.
  • FIG. 1B is a schematic diagram illustrating an NV center, which consists of two lattice defects in an otherwise perfect diamond lattice.
  • FIG. 1C is a graph illustrating a simplified level scheme of the ground state of the NV center.
  • FIG. 2 is a flowchart summarizing steps performed by the present system and method in the process of detecting a hardware security risk for a tested IC chip.
  • FIG. 3 is a schematic diagram of a chip activity imager, in accordance with the present invention.
  • FIG. 4 illustrates a computer connected to the imager, or CCD array of FIG. 3.
  • FIG. 5A illustrates RF1 intensity.
  • FIG. 5B is a schematic diagram illustrating a micro radio-frequency coupler used to demonstrate the ability of the present invention and associated method.
  • FIG. 5C illustrates RF2 intensity.
  • FIGS. 5D-F illustrate the resulting spectra at three typical positions that result from the bias magnetic field B0 being scanned from 22 Gauss to 35 Gauss by an electromagnet.
  • FIG. 6 is a graph illustrating real-time response/ability of the present system and method.
  • DETAILED DESCRIPTION OF THE INVENTION
  • The present system and method provides techniques, devices, and systems for ultrahigh spatial resolution detection of near-field electromagnetic emission. In particular, the present invention provides a technique that uses negatively charged nitrogen-vacancy (NV-) color centers in diamond. This technique for dynamic chip activity analysis can analyze electromagnetic emission with spatial resolution down to the level of a single transistor or logic gate. Furthermore, the present system and method can distinguish the frequencies of electromagnetic emission over a wide band, meaning that it can show the frequency spectra of the electromagnetic fields. Importantly, the present method is non-destructive and will not perturb the functionality of IC chips, and it can be performed at runtime. The present system and method can obtain fine-grained information on dynamic IC chip behavior, and provides new approaches to chip verification, chip identification, hardware Trojan detection, and side-channel information leak detection.
  • Aspects of the present system and method provide a new non-invasive technique for detecting the dynamic electromagnetic emission of IC chips using NV centers in diamond. By using an optical readout of the quantum states of NV centers, an IC chip can be imaged by radio-frequency spectrometry at runtime, which leads to several advantages over the prior work in hardware Trojan detections and side channel attacks. Several highlighted features of the present invention are described hereinafter.
  • 1) Megapixel Imaging Resolution
  • In accordance with the present system and method, NV centers in diamond are utilized as sensors, which convert the local electromagnetic fields of the IC chip into optical readout signals, i.e. the signal light generated by the NV centers, that are sent to a Charge-Coupled Device (CCD) array. While diamond slides can easily be placed on the top or bottom of an IC chip, the optical readout can alternatively be performed at a distance, as long as an optical path from the NV centers to the CCD array, or other detector, is secured. The probing light and the signal light are both in the visible band, so the optical readout, which consists of the signal light, suffers less noise than radio-frequency signals. Further, the optical readouts of many NV centers can be acquired simultaneously by using an Electron Multiplying Charge-Coupled Device (EM-CCD), which means that megapixel-scale arrays of NV centers can be read out in a single-shot image. As such, the present technique provides a wide-field ability to detect over the region of an entire IC chip without requiring position scanning.
  • 2) Ultrahigh Spatial Resolution
  • As is described in detail herein, since NV centers convert information in electromagnetic fields to optical readout signals at the position very close to (i.e. near field) the sources of electromagnetic field, (i.e. elements on IC chips), the electromagnetic field generated by single elements has not been blurred out at the position of NV centers. This is crucial in detecting high frequency signals, since the high frequency electromagnetic wave by different elements will blur out much faster due to diffraction when propagating in space.
  • Further, the NV centers in diamond are capable of detecting an electromagnetic field with atomic (sub-nanometer) spatial resolution. An NV center is an atomic defect in the diamond crystal, formed by a nitrogen atom with an adjacent vacancy, and it interacts only with the local electric and magnetic fields. In other words, an NV center detects the electromagnetic field at its own position. These two reasons make the present system and method beneficial for ultrahigh spatial resolution.
  • 3) Sub-Megahertz Electromagnetic Frequency Spectrometry
  • The optical readout signal of NV centers depends not only on the intensity of the electromagnetic field, but also on its frequency. Basically, only an electromagnetic field at the resonant frequency of the electrons associated with the NV centers will generate an optical readout signal in accordance with the present invention. Further, the resonant frequency can be tuned by applying an external DC magnetic field. In one exemplary embodiment, for illustration purposes, the dynamic range of the resonant frequency is from about 500 MHz up to more than 10 GHz, where 2.87 GHz is the resonant frequency without an external magnetic field. Physically, this range is determined by how large the DC magnetic field can be made; with a much stronger magnet, the range of the example can be exceeded. The tuning can be achieved, for example, by adjusting the current of a low-cost, commercially available electromagnet, with a frequency accuracy better than 100 kHz.
  • Thus, by scanning the resonant frequency of the NV centers, the spectrum of the electromagnetic field can be obtained at every position where an NV center is located. The frequency resolution is limited by the quantum coherence time of the NV centers, which gives better than 500 kHz for commercially available diamond samples (e.g. from Element Six Inc). The spectrum of the electromagnetic field provides information about the clock frequencies and data bandwidth of the IC chip. Specifically, the location of a peak in the electromagnetic frequency spectrum indicates a clock frequency of the IC chip, while the width of the peak indicates the bandwidth of the IC chip. In addition, a spectrum of the electromagnetic fields associated with data transmitted by the IC chip may be used, as opposed to, or in addition to, the clock frequencies and data bandwidth. As described in detail below, the determined clock frequency and bandwidth of the IC chip can be compared to an expected value or range for that chip, and/or the data characteristics of the IC chip, as displayed by the electromagnetic frequency spectrum during transmission of data, can be compared to the expected data characteristics of the IC chip. If there is no match, it is known that a foreign element is present on, or affecting, the IC chip.
  • 4) Real-Time Non-Invasive Measurement and Detection
  • In accordance with the present system and method, and as is explained in greater detail herein, although continuous capturing is not required, the optical signal of NV centers can be captured continuously, thus allowing for real-time detection. For example, by using an EM-CCD, an image of optical signals (i.e. intensities of NV centers fluorescence) can be captured every 35 milliseconds, or at a different interval. This can be further improved by using a high-speed CCD.
  • Further, as is described in detail hereinbelow, the present system and method uses a probing light for exciting an electron associated with the negatively charged NV center from its ground state to an excited state. As long as any probing light that is used is isolated from the elements in an IC chip, the present system and method for detection will not have any side effects on the functionality of the IC chip, even if the IC chip is light sensitive. Such isolation can be easily achieved, for example, by depositing a thin layer of any visibly opaque but radio frequency transparent material (e.g. Silicon) on the chip or diamond, so as to block any probing light from elements of the IC chip. Therefore, the present technique is promising for runtime detection of IC chips.
  • As described in detail below, the present system and method provides a significant impact on hardware and software security. A non-invasive real-time analysis technique, device and system is provided that will provide consumers of hardware products (e.g., companies like Microsoft) with the ability to non-destructively analyze the hardware they have purchased and the operation of the nanometer transistors within to ensure hardware (and software) security.
  • The physical principle of the present detection technique using NV centers involves the quantum states of an atomic defect (the NV center) in a solid-state material (diamond), and the optical readout of the populations of those quantum states. The term “populations” means the probabilities of finding an NV center in its different quantum states. For example, an NV center may be 60% in the spin-0 state and 40% in the spin-1 state; following the nomenclature of the field, we say that the population of the spin-0 state is 0.6.
  • An NV center is an atomic-like system in the solid state, which, as illustrated by the schematic diagram of FIG. 1B, consists of two lattice defects in an otherwise perfect diamond lattice: two proximal carbon atoms are knocked out, and one of them is replaced by nitrogen (N) and the other site remains vacant (V). For FIG. 1B the lattice structure of NV centers in diamond, C for Carbon atoms, the NV center is aligned with the <111> crystal direction, and B0 is the direction of bias DC magnetic field for resonant frequency tuning.
  • FIG. 1A is a schematic diagram illustrating the detection of electromagnetic (E&M) waves using NV centers. As shown in FIG. 1A, when illuminated by green light (illustrated by the arrow pointing toward the NV centers, labelled 532 nm), an electron associated with the negatively charged NV center (the electron comes from nearby donors or defects) can be excited from its ground state to the excited state, after which it emits red photons (illustrated by the arrow pointing away from the NV centers, labelled 637-750 nm) and returns to the ground state.
  • The simplified level scheme in the ground state of the NV (excited states are not shown) is plotted in inset of the graph of FIG. 1C. There are two quantum states labeled with |0> and |+1>, where 0 and +1 indicate their spin quantum number of the electron. The energy difference fi (i.e. the resonant frequency for electromagnetic field) between the two states is given by equation 1,

  • fi = D0 + 2γB0  (Eq. 1)
  • where D0=2.87 GHz is the zero-field splitting, γ=28 GHz/T is the electron gyromagnetic ratio, and B0 is the bias DC magnetic field as applied by an electromagnet. In the measured spectrum of FIG. 1C, the dip indicates the frequency fd of the electromagnetic field. The inset illustrates the simplified energy diagram of NV quantum states, the energy separated by fi, which is determined by a zero-field splitting D0 and bias magnetic field B0.
  • Importantly, the probability of photon emission after green illumination depends on the spin state of the electron: in spin state |0> the NV is more likely to emit a photon than in spin state |+1>. This feature has been used to perform very sensitive magnetic field measurements by applying a combination of green laser pulses and microwave fields near 2.87 GHz. Since an NV center is essentially the size of two atoms, the spatial resolution enabled by this system is very high, and is typically limited by the optical components (e.g. microscope objective, CCD) used to image the emitted red photons, as described below.
  • The present technique for the detection of electromagnetic fields using NV centers may be described as follows. The spin of the NV electron is first prepared in the |0> state optically, and then exposed to electromagnetic waves originating from the IC chip. Applying the green laser/light to the NVs drives the majority of them into the |0> state: owing to the electronic energy structure of the NV center, when the NV cycles between excited and ground states it is more likely to return to the |0> than to the |+1> spin state. In this way the NVs are prepared in the |0> state. This procedure is well known in the field and is intrinsic to the NV center.
  • When the frequency of these electromagnetic waves is resonant with a frequency of interest fi, corresponding to the energy separation between the |0> and |+1> states, the spin state is changed to |+1> (or to some superposition of |0> and |+1>). Since the |+1> state fluoresces less than the |0> state, as described above, the population of each spin state can be monitored simply by detecting the light emitted from the NVs. In order to tune the NV to the different microwave frequencies present in the electromagnetic signal of interest, the strength of the bias DC magnetic field is simply changed. It is noted that the electromagnetic signal of interest could be the signal from the normal/designed circuit functionality (to verify the design) or the signal due to a Trojan. When the frequency fd of the electromagnetic field under study equals the resonant frequency of interest fi (i.e. fi = fd), the fluorescence intensity of the NV centers is lowered. Therefore, by sweeping the strength of the external magnetic field (e.g., using an electromagnet, as described below) a wide range of radio-frequency and microwave frequencies can be probed, and spectral analysis of electromagnetic signals originating from an IC of interest can be performed. The spectral analysis may entail, as a non-limiting example, finding peaks (fluorescence dips) in the spectrum, measuring the width of each peak, determining relationships between peaks, or other methods of spectral analysis. Importantly, by using more than 10^12 NV centers per square centimeter distributed over the whole diamond surface simultaneously, it is possible to image the distribution of RF and microwave fields over a wide area (megapixel resolution).
  • FIG. 2 is a flowchart 10 summarizing steps performed by the present system and method in the process of detecting a hardware security risk for a tested IC chip. These steps are described in further detail within the present detailed description. It should be noted that any process descriptions or blocks in flowcharts should be understood as representing modules, segments, portions of code, or steps that include one or more instructions for implementing specific logical functions in the process, and alternate implementations are included within the scope of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
  • As is shown by block 20, the present system scans the resonant frequency of the NV centers to obtain spectra of the electromagnetic fields associated with an IC chip being tested. The spectrum of the electromagnetic field is then analyzed to provide information about the clock frequencies of the IC chip and the data bandwidth of the IC chip (block 30). Alternatively, or in addition, a spectrum of the electromagnetic fields associated with data transmitted by the IC chip may be analyzed.
  • As shown by block 40, the determined clock frequencies and bandwidth of the IC chip being tested are then compared to the expected, predefined clock frequencies and bandwidth of that IC chip to determine whether a foreign device or software is affecting the tested IC chip. In addition, or in the alternative, data characteristics of the IC chip, as displayed by the electromagnetic frequency spectrum associated with the IC chip during transmission of data, can be compared to the expected data characteristics of the IC chip to determine whether a foreign device or software is affecting the tested IC chip.
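The three blocks of FIG. 2 (sweep, analyze, compare) can be exercised end to end on a synthetic sweep. The following Python is an added example written for this page, not code from the patent or from the inventors. It assumes a noiseless sweep recorded against the bias field on the |0> to |−1> branch (f = D0 − γB0, the branch on which the 22 to 35 Gauss sweep of the FIG. 5 demonstration reaches 2.78 and 2.80 GHz), approximately Lorentzian dips, no nitrogen hyperfine triplet, and an illustrative expected-clock table holding a single 2800 MHz clock; all function and variable names are the example's own.

```python
"""Spectral analysis of an NV fluorescence sweep and comparison against the
expected clock frequencies of a chip (blocks 20, 30 and 40 of FIG. 2).

Added example, not code from the patent. Assumptions not taken from the
patent: dips are approximately Lorentzian, the sweep is recorded on the
|0> to |-1> branch (f = D0 - gamma*B0), the nitrogen hyperfine triplet is
not modelled, and the expected-clock list and tolerance are illustrative.
"""
from dataclasses import dataclass

D0_MHZ = 2870.0         # zero-field splitting, 2.87 GHz (from the patent)
GAMMA_MHZ_PER_G = 2.8   # electron gyromagnetic ratio, 28 GHz/T = 2.8 MHz/Gauss


def resonance_mhz(b0_gauss, branch=-1):
    """NV resonance for bias field B0 (Gauss); branch=+1 is |0>-|+1>, -1 is |0>-|-1>."""
    return D0_MHZ + branch * GAMMA_MHZ_PER_G * b0_gauss


def synth_sweep(lines, b_start=22.0, b_stop=35.0, step=0.02):
    """Constructed noiseless sweep: normalised fluorescence versus B0 with one
    Lorentzian dip per (centre_MHz, depth, fwhm_MHz) tuple in `lines`."""
    n = int(round((b_stop - b_start) / step)) + 1
    freqs, fluo = [], []
    for i in range(n):
        f = resonance_mhz(b_start + i * step)
        signal = 1.0
        for centre, depth, fwhm in lines:
            signal -= depth / (1.0 + (2.0 * (f - centre) / fwhm) ** 2)
        freqs.append(f)
        fluo.append(signal)
    return freqs, fluo


@dataclass
class Dip:
    centre_mhz: float
    depth: float      # fractional contrast relative to the baseline
    width_mhz: float  # full width at half depth


def find_dips(freqs, fluo, min_depth=0.005):
    """Block 30: locate fluorescence dips as local minima deeper than `min_depth`
    below the median baseline and measure each one's full width at half depth.
    `min_depth` is the guard against shot noise on a real camera trace."""
    baseline = sorted(fluo)[len(fluo) // 2]
    dips = []
    for i in range(1, len(fluo) - 1):
        if not (fluo[i] < fluo[i - 1] and fluo[i] <= fluo[i + 1]):
            continue
        depth = (baseline - fluo[i]) / baseline
        if depth < min_depth:
            continue
        half = baseline - (baseline - fluo[i]) / 2.0
        lo = i
        while lo > 0 and fluo[lo] < half:
            lo -= 1
        hi = i
        while hi < len(fluo) - 1 and fluo[hi] < half:
            hi += 1
        dips.append(Dip(freqs[i], depth, abs(freqs[hi] - freqs[lo])))
    return dips


def compare_to_expected(dips, expected_mhz, tol_mhz=0.5):
    """Block 40: match detected dips to the stored expected clock frequencies.
    Extra lines and missing lines are reported separately, because a missing
    clock can be a unit in sleep or DVFS, while an extra one has no benign
    explanation in the stored model."""
    remaining = list(expected_mhz)
    matched, unexpected = [], []
    for d in dips:
        hits = [e for e in remaining if abs(d.centre_mhz - e) <= tol_mhz]
        if hits:
            remaining.remove(hits[0])
            matched.append((hits[0], d))
        else:
            unexpected.append(d)
    return {"matched": matched, "unexpected": unexpected, "missing": remaining,
            "foreign_activity_suspected": bool(unexpected)}


def demo():
    """Constructed chip: a legitimate 2.80 GHz clock plus an undocumented
    2.79 GHz emitter; the expected-clock table lists only 2800 MHz."""
    freqs, fluo = synth_sweep([(2800.0, 0.03, 1.0), (2790.0, 0.015, 1.0)])
    return compare_to_expected(find_dips(freqs, fluo), expected_mhz=[2800.0])


if __name__ == "__main__":
    report = demo()
    for label in ("matched", "unexpected", "missing"):
        print(label, report[label])
    print("foreign activity suspected:", report["foreign_activity_suspected"])
```

On real data the bias-field axis comes from the calibration step described for the electromagnet below (current against resonance on a known signal), and each resonance appears as the three-line nitrogen triplet of FIGS. 5D-F rather than the single dip modelled here; the matching logic is unchanged, only the line finder has to group the triplet.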
  • FIG. 3 is a schematic diagram of a chip activity imager 100, in accordance with the present invention. It should be noted that FIG. 3 is provided for exemplary purposes only, and is not intended to limit the present system and method to merely using the components illustrated. The chip activity imager 100 provides detection techniques as described in accordance with the present system and method.
  • An IC chip, which is to be tested, is referred to herein as a target IC chip. The target IC chip 102 is placed under a diamond slide 104 with NV centers. If the IC chip 102 is sensitive to visible light, an isolation layer 106 can be located on the IC chip 102, which blocks both probe light, as described below, and NV fluorescence (i.e., the optical readout signal) from the IC chip 102.
  • It should be noted that the diamond slide 104, or diamond chip, in accordance with the present invention, merely needs to be placed in close proximity to the target IC chip 102, either outside the IC package, as illustrated by FIG. 3, or inside the package. In accordance with the present exemplary embodiment, diamond is embedded with a sheet of NV centers below the surface of the diamond (for instance, but not limited to, ˜10 nm below the surface), either during diamond growth or via ion implantation of nitrogen into ultrapure synthetic diamond substrates.
  • A probe laser 110, or other source of light, is used to excite the NV centers, so that the quantum states of the NV centers can be optically read out from the intensity of the fluorescence. The probe laser 110 may be a green light source emitting in the range of 450 nm to 650 nm. It should be noted that while a 532 nm green laser is provided as an example for the probe laser 110, a different probe laser may be used. In addition, the source of light need not be a laser; a light emitting diode, mercury lamp, filtered white light, or other source of light capable of exciting the NV centers may be used instead.
  • The probe laser 110, after passing through a beam splitter 130, is focused onto the NV centers by an objective 112. The objective 112 may be any device capable of focusing the beam emitted by the probe laser 110 onto the NV centers. An electromagnet 114 is used to apply an external bias DC magnetic field. This field tunes the resonant frequency of the NV centers, and thereby determines which frequencies of the electromagnetic field are viewed via an imager, shown in the present figure as a CCD array 120. It should be noted, however, that the imager may be a different device, such as, but not limited to, a CCD camera or a CMOS camera. Specifically, after a calibration step in which known electromagnetic field signals are detected, each resonant frequency corresponds to a certain voltage/current applied to the electromagnet. Alternatively, the resonant frequency may correspond to a certain distance between a permanent magnet and the NV centers. Tuning can be achieved, for example, by adjusting the current of a low-cost, commercially available electromagnet, with a frequency accuracy better than 100 kHz.
  • NV fluorescence resulting from NV center emission, as caused by the laser beam and the external bias DC magnetic field, is again collected by the objective 112, which focuses the NV fluorescence and transmits it to the CCD array 120. In accordance with the present exemplary embodiment, the CCD array is a cooled EM-CCD array.
  • In accordance with one exemplary embodiment of the invention, the NV centers are interrogated using luminescence measurement in a wide-field microscope: green light, for example from a solid-state laser, is used to excite NV centers over a wide field of view and the red photons emitted from the NVs are imaged using the EM-CCD array 120. Owing to its internal structure, the likelihood of the negatively charged NV (NV−) to emit a photon after absorbing one green photon depends on the spin state of its electron, which in turn is very sensitive to the NV's electromagnetic environment. This allows the intensity and spatial profile of the emitted RF field to be directly imaged on the CCD array 120. The frequency of the RF signal that the NV responds to, for example, but not limited to, in the 10 MHz to 10 GHz range, can be dynamically controlled using the external electromagnet 114. In this way, each NV center plays the role of an atomic-scale RF spectrum analyzer. Using many NVs at the same time, information about the frequency, intensity and spatial profile of the RF field can be easily obtained.
  • Receipt of the NV center emission by the CCD array 120 results in an optical readout of NVs, where the quantum states of NV centers are read out, thus imaging the IC chip and performing radio-frequency spectrometry at runtime. The optical readout of NVs results in the spectra of electromagnetic fields of the IC chip being tested.
  • The CCD array 120 is preferably connected to a computer 200, as illustrated by FIG. 4, for processing the spectra of the electromagnetic fields of the IC chip being tested. The computer 200 is capable of taking the spectrum of the electromagnetic field of the tested IC chip and determining the clock frequencies of the IC chip and the data bandwidth of the IC chip.
  • It should be noted that, alternatively or in addition, a spectrum of the electromagnetic fields associated with data transmitted by the IC chip may be analyzed, the spectrum associated with the data transmission likewise being acquired through the CCD array 120.
  • The computer 200 then compares the determined clock frequencies and bandwidth of the IC chip to the predefined clock frequency and bandwidth of the IC chip to determine whether a foreign device, or software, is present on the tested IC chip. Specifically, an expected range of IC chip clock frequency and data bandwidth is predefined and stored either within a storage device of the computer 200, or at a remote location accessible by the chip activity imager 100, such as via a local area network, or wirelessly via the internet. The expected range is considered to be the normal functioning range of the IC chip. Determined values outside of these ranges indicate a foreign presence.
  • In addition, or in the alternative, data characteristics of the IC chip as displayed by the electromagnetic frequency spectrum associated with the IC chip during transmission of data can be compared to expected data characteristics of the IC chip to determine if a foreign device or software is affecting the tested IC chip.
  • The present chip activity imager (CHAI) 100 and method operate in two configurations: CHAI-IN and CHAI-OUT. In addition, in each configuration it can run in one of two modes: stimulated and passive. In stimulated mode, custom test programs are loaded onto the processor to stimulate (or inhibit) activity of specific functional units of the processor, which enables analysis of the structure of the chip and of which functional units are active. The stimulated mode and the data obtained from it can be used to build a model of the processor chip. The model of the chip has two parts: physical structure and operational behavior. In passive mode, the CHAI 100 only measures fluorescence, while the processor chip is running under control of whatever operating system and programs it would usually run. The fluorescence measurements, combined with the model of the chip built during stimulated operation, reveal information about the software running on the chip, such as what it is doing, by observing which functional units are triggered. Memory access patterns can be observed by analyzing activity in the caches, and external memory and I/O traffic by analyzing activity in the memory controller or the uncore components.
  • The chip activity imager 100 can provide “images” of the physical structure of the chip, i.e. the layout of the processor chip. This information may be obtained from the CHAI stimulated mode: by stimulating specific portions of the processor (e.g. the arithmetic logic unit, ALU), the fluorescence of the chip during the stimulated operations reveals which part of the chip is the ALU. One benefit of the chip activity imager is that it creates images similar to die photos, but non-destructively, and ones that dynamically show chip activity. The chip activity imager can also provide operational behavior, which is the analysis of which parts of the chip are active when processing certain instruction streams. Moreover, certain portions of the chip may turn off for power savings or change operational frequency (DVFS). Observing the chip's responses to different instructions is crucial for the later analysis of what is going on when an unknown program is running on the chip.
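As an added example (not the patent's or the inventors' code) of the two-mode workflow just described: stimulated-mode frames build a footprint per functional unit, a passive-mode frame is then read against those footprints, and pixels active outside every known footprint are reported separately. The 4 × 4 floorplan, the unit names, the activity values and the thresholds are constructed for illustration; a frame here holds per-pixel activity, i.e. fluorescence contrast above the idle baseline, and how that contrast is obtained from the NV readout is covered by the rest of the page and not repeated.

```python
"""Stimulated-mode model building and passive-mode inference (CHAI modes).

Added example, not code from the patent. The activity frames are
constructed: a 4 x 4 pixel image of a hypothetical processor in which the
ALU occupies the top-left 2 x 2 block, the memory controller the top-right
block and the L1 cache the bottom-right block. Names and numbers are
illustrative.
"""
H = W = 4  # constructed 4 x 4 activity image

# Hypothetical floorplan used only to synthesise frames; the model-building
# code below never reads it, it has to recover the footprints itself.
FLOORPLAN = {
    "ALU": [(y, x) for y in (0, 1) for x in (0, 1)],
    "memctl": [(y, x) for y in (0, 1) for x in (2, 3)],
    "L1": [(y, x) for y in (2, 3) for x in (2, 3)],
}
IDLE_LEAK = 0.02   # activity every pixel shows even when idle (constructed)
HOT = 0.30         # activity of a pixel in an exercised unit (constructed)


def constructed_frame(active_units, extra_pixels=(), seed=0):
    """Activity frame: HOT on pixels of the active units and on extra_pixels,
    IDLE_LEAK elsewhere, plus small deterministic pseudo-noise so that no two
    frames are exact copies."""
    frame = [[IDLE_LEAK] * W for _ in range(H)]
    hot_pixels = {p for u in active_units for p in FLOORPLAN[u]} | set(extra_pixels)
    for y, x in hot_pixels:
        frame[y][x] = HOT
    for y in range(H):
        for x in range(W):
            frame[y][x] += 0.005 * (((seed * 7 + y * 3 + x * 5) % 11) / 11.0 - 0.5)
    return frame


def build_model(stimulated, idle, min_excess=0.1):
    """Stimulated mode: one frame per individually exercised unit. A unit's
    footprint is every pixel whose activity exceeds the idle frame by more
    than min_excess. This is the 'physical structure' half of the model."""
    return {name: {(y, x) for y in range(H) for x in range(W)
                   if frame[y][x] - idle[y][x] > min_excess}
            for name, frame in stimulated.items()}


def infer_active_units(model, idle, frame, min_excess=0.1):
    """Passive mode: units whose footprint shows mean excess activity."""
    active = set()
    for name, pixels in model.items():
        if pixels:
            excess = sum(frame[y][x] - idle[y][x] for y, x in pixels) / len(pixels)
            if excess > min_excess:
                active.add(name)
    return active


def unmodelled_activity(model, idle, frame, min_excess=0.1):
    """Pixels active in passive mode that belong to no known footprint:
    logic the stimulated test programs never exercised, worth a closer look."""
    known = set().union(*model.values())
    return {(y, x) for y in range(H) for x in range(W)
            if (y, x) not in known and frame[y][x] - idle[y][x] > min_excess}


def demo():
    idle = constructed_frame([], seed=0)
    stimulated = {u: constructed_frame([u], seed=i + 1) for i, u in enumerate(FLOORPLAN)}
    model = build_model(stimulated, idle)
    # Unknown program: ALU-heavy with cache traffic, plus activity at a
    # bottom-left pixel that no stimulated unit ever lit up.
    passive = constructed_frame(["ALU", "L1"], extra_pixels=[(3, 0)], seed=9)
    return model, infer_active_units(model, idle, passive), unmodelled_activity(model, idle, passive)


if __name__ == "__main__":
    model, active, stray = demo()
    print("footprints:", {k: sorted(v) for k, v in model.items()})
    print("active units in passive frame:", sorted(active))
    print("activity outside every footprint:", sorted(stray))
```

The last function is the part a hardware-security reviewer cares about: the stimulated test programs define what the chip is supposed to light up, and anything that lights up outside those footprints under a normal workload is where an undocumented function would show. Regions that DVFS powers down simply drop out of the active set; they never appear as unmodelled activity.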
  • In accordance with the present invention, the IC chip that is being analyzed does not require any particular treatment, and thus the diamond (which may optionally include an isolation layer) can simply be placed on the surface of the IC chip. Since it is typical for both the IC chip and the diamond slide to be precisely polished, they can make a good contact when placed together. For instance, when analyzing a Flip-Chip Pin Grid Array (FC-PGA) package, in which the bottom of the chip (die) is exposed, the diamond slides used for detection can be easily placed on the exposed side of chip.
  • According to aspects of the present invention, the present system and method can be integrated into devices that are typically already on hand. Further, solid state laser diodes, MEMS electromagnets, CCD or CMOS chips, and compact optical components make miniaturization of the proposed technique possible, so that the system and method can be combined with everyday devices much as a green laser pointer can be combined and used with a cell phone camera.
  • FIG. 4 further illustrates a general computer 200 that may be used in accordance with the present system and method. Generally, in terms of hardware architecture, as shown in FIG. 4, the computer 200 includes a processor 212, memory 220, storage device 230, and one or more input and/or output (I/O) devices 232 (or peripherals) that are communicatively coupled via a local interface 234. The local interface 234 can be, for example but not limited to, one or more buses or other wired or wireless connections, as is known in the art. The local interface 234 may have additional elements, which are omitted for simplicity, such as controllers, buffers (caches), drivers, repeaters, and receivers, to enable communications. Further, the local interface 234 may include address, control, and/or data connections to enable appropriate communications among the aforementioned components.
  • The processor 212 is a hardware device for executing software, particularly that stored in the memory 220. The processor 212 can be any custom made or commercially available processor, a central processing unit (CPU), an auxiliary processor among several processors, a semiconductor based microprocessor (in the form of a microchip or chip set), a macroprocessor, or generally any device for executing software instructions.
  • The memory 220 can include any one or combination of volatile memory elements (e.g., random access memory (RAM, such as DRAM, SRAM, SDRAM, etc.)) and nonvolatile memory elements (e.g., ROM, hard drive, tape, CDROM, etc.). Moreover, the memory 220 may incorporate electronic, magnetic, optical, and/or other types of storage media. Note that the memory 220 can have a distributed architecture, where various components are situated remote from one another, but can be accessed by the processor 212.
  • The software 222 in the memory 220 may include one or more separate programs, each of which contains an ordered listing of executable instructions for implementing logical functions of the computer 200, as previously described. The software 222 in the memory 220 defines the computer 200 functionality in accordance with the present invention. In addition, although not required, it is possible for the memory 220 to contain an operating system (O/S) 236. The operating system 236 essentially controls the execution of computer programs and provides scheduling, input-output control, file and data management, memory management, and communication control and related services.
  • The software 222 may be provided as a source program, executable program (object code), script, or any other entity containing a set of instructions to be performed. When provided as a source program, the program needs to be translated via a compiler, assembler, interpreter, or the like, which may or may not be included within the memory 220, so as to operate properly in connection with the O/S 236. Furthermore, the program can be written in (a) an object oriented programming language, which has classes of data and methods, or (b) a procedural programming language, which has routines, subroutines, and/or functions.
  • The I/O devices 232 may include input devices, for example but not limited to, a touch screen, a keyboard, mouse, scanner, microphone, or other input device. Furthermore, the I/O devices 232 may also include output devices, for example but not limited to, a display, or other output devices. The I/O devices 232 may further include devices that communicate via both inputs and outputs, for instance but not limited to, a modulator/demodulator (modem; for accessing another device, system, or network), a radio frequency (RF), wireless, or other transceiver, a telephonic interface, a bridge, a router, or other devices that function both as an input and an output.
  • When the computer 200 is in operation, the processor 212 is configured to execute the software 222 stored within the memory 220, to communicate data to and from the memory 220, and to generally control operations of the computer 200 pursuant to the software 222. The software 222 and the O/S 236, in whole or in part, but typically the latter, are read by the processor 212, perhaps buffered within the processor 212, and then executed.
  • When functionality of the present system is implemented in software, it should be noted that the functionality can be stored on any computer readable medium for use by or in connection with any computer related system or method. In the context of this document, a computer readable medium is an electronic, magnetic, optical, or other physical device or means that can contain or store a computer program for use by or in connection with a computer related system or method. The functionality can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. In the context of this document, a “computer-readable medium” can be any means that can store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
  • The computer readable medium can be, for example but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. More specific examples (a nonexhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic) having one or more wires, a portable computer diskette (magnetic), a random access memory (RAM) (electronic), a read-only memory (ROM) (electronic), an erasable programmable read-only memory (EPROM, EEPROM, or Flash memory) (electronic), an optical fiber (optical), and a portable compact disc read-only memory (CDROM) (optical). Note that the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
  • The storage device 230 of the computer 200 may be one of many different types of storage device, including a stationary storage device or portable storage device. As an example, the storage device 230 may be a magnetic tape, disk, flash memory, volatile memory, or a different storage device. In addition, the storage device may be a secure digital memory card or any other removable storage device 230. Preferably, the storage device stores predefined IC chip expected clock frequencies and bandwidths.
  • The following provides an exemplary demonstration of the present system and method and is not intended to limit the present invention. To demonstrate the ability of the present invention and associated method, a micro radio-frequency (RF) coupler as shown in FIG. 5B was fabricated. Two signals were applied to the gold transmission lines of the RF coupler: one at a frequency of 2.80 GHz, and the other at 2.78 GHz. Both RF transmission lines generate electromagnetic fields at the corresponding frequencies. Since the electromagnetic field at radio frequency 1 (RF1) is generated at the right line, the left region of the area is expected to show a low intensity of electromagnetic field at RF1; the mirror image is expected for radio frequency 2 (RF2), which is generated at the left line.
  • While the bias magnetic field B0 is scanned from 22 Gauss to 35 Gauss by an electromagnet, the spectra at three typical positions are shown in FIGS. 5D-F. The depth of the dips indicates the intensity of the electromagnetic field at the corresponding frequency. At position A, the intensity of the electromagnetic field at RF1 is much weaker than the intensity at RF2, while the two intensities are almost the same at position B, and RF1 is much stronger at position C. The reason why each resonance appears as a set of three dips rather than a single dip is the hyperfine structure arising from the nuclear spin of the nitrogen atom. Comparing the frequency obtained by fitting the spectra with the frequency of the applied RF signals as read from the RF generator, the frequency accuracy is about 0.1 MHz.
  • By looking at the intensity at RF1 and RF2 at every pixel, the images of the intensity of the electromagnetic field are obtained, shown in FIGS. 5A and 5C, respectively. The images show the distribution of the electromagnetic field at RF1 and RF2. The imaging result is consistent with numerical simulations performed with Microwave Office (an RF simulation software package from National Instruments).
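An added example, not the patent's or the inventors' code, of how per-pixel field images of the kind shown in FIGS. 5A and 5C are obtained from a stack of wide-field frames recorded during the bias sweep. The frame stack is constructed: a 3 × 5 pixel region between the two lines, in which the RF1 (2.80 GHz) dip deepens from left to right and the RF2 (2.78 GHz) dip the other way. The 1 MHz linewidth, the sweep step of 1/70 Gauss (chosen so both tones fall exactly on sweep points) and the single-dip line shape are assumptions, and dip depth stands in for field intensity as in the text above.

```python
"""Per-pixel field imaging at two RF frequencies from a wide-field sweep,
in the manner of FIGS. 5A and 5C. Added example; not code from the patent.
Frame stack, linewidth and sweep step are constructed assumptions."""

D0_MHZ = 2870.0          # zero-field splitting, from the patent
GAMMA_MHZ_PER_G = 2.8    # 28 GHz/T
RF1_MHZ, RF2_MHZ = 2800.0, 2780.0   # the two drive tones of FIG. 5
FWHM_MHZ = 1.0           # assumed linewidth of each dip


def sweep_frequencies(b_start=22.0, b_stop=35.0, steps_per_gauss=70):
    """Resonance of the |0> to |-1> branch for each frame of the 22-35 Gauss
    sweep. 70 steps per Gauss (0.04 MHz) puts both RF tones on sweep points."""
    n = int(round((b_stop - b_start) * steps_per_gauss)) + 1
    return [D0_MHZ - GAMMA_MHZ_PER_G * (b_start + i / steps_per_gauss) for i in range(n)]


def constructed_stack(freqs, height=3, width=5):
    """Constructed frames stack[k][y][x]: fluorescence of pixel (x, y) in frame k.
    RF1 (right line) grows from left to right, RF2 (left line) the other way."""
    stack = []
    for f in freqs:
        l1 = 1.0 / (1.0 + (2.0 * (f - RF1_MHZ) / FWHM_MHZ) ** 2)
        l2 = 1.0 / (1.0 + (2.0 * (f - RF2_MHZ) / FWHM_MHZ) ** 2)
        frame = []
        for y in range(height):
            row = []
            for x in range(width):
                depth1 = 0.03 * (x + 0.5) / width
                depth2 = 0.03 * (width - x - 0.5) / width
                row.append(1.0 - depth1 * l1 - depth2 * l2)
            frame.append(row)
        stack.append(frame)
    return stack


def field_image(stack, freqs, target_mhz):
    """Contrast image at one RF: each pixel's median fluorescence over the
    sweep (its off-resonance baseline) minus its fluorescence in the frame
    whose resonance lies nearest to target_mhz."""
    k = min(range(len(freqs)), key=lambda i: abs(freqs[i] - target_mhz))
    height, width = len(stack[0]), len(stack[0][0])
    image = []
    for y in range(height):
        row = []
        for x in range(width):
            trace = sorted(frame[y][x] for frame in stack)
            row.append(trace[len(trace) // 2] - stack[k][y][x])
        image.append(row)
    return image


def rf1_to_rf2_ratio(img1, img2, y=1):
    """RF1/RF2 contrast along one row: below 1 where RF2 dominates (position
    A of FIG. 5D), near 1 where they balance (B), above 1 where RF1 dominates (C)."""
    return [img1[y][x] / img2[y][x] for x in range(len(img1[y]))]


def demo():
    freqs = sweep_frequencies()
    stack = constructed_stack(freqs)
    img1 = field_image(stack, freqs, RF1_MHZ)
    img2 = field_image(stack, freqs, RF2_MHZ)
    return img1, img2, rf1_to_rf2_ratio(img1, img2)


if __name__ == "__main__":
    img1, img2, ratios = demo()
    print("RF1 image, row 1:", ["%.4f" % v for v in img1[1]])
    print("RF2 image, row 1:", ["%.4f" % v for v in img2[1]])
    print("RF1/RF2 ratio   :", ["%.2f" % r for r in ratios])
```

Reading the contrast from the single nearest frame is the simplest estimator; with the hyperfine triplet and camera noise of a real sweep, fitting each pixel's trace (as done for FIGS. 5D-F) or integrating the contrast over a window around the target frequency gives a more robust value, at the cost of more computation per pixel.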
  • The real-time ability of detection using NV centers is demonstrated by monitoring the frequency drift of the electromagnetic field under study. A radio-frequency signal with slowly varying frequency (frequency modulation) is delivered to the NV centers using the aforementioned transmission line. As shown in the schematic diagram of FIG. 6, the frequency of the radio-frequency signal is modulated by a sine, triangle, or rectangular function, with a modulation amplitude of 200 kHz. By monitoring the fluorescence of the NV centers, the frequency drift can be optically read out in real time. For the security of many systems the frequency of a signal is a crucial property of the IC, and thus monitoring the frequency helps in obtaining the activity of the IC chip, such as its bandwidth and operating state (e.g. sleep, standby or high performance mode).
  • The present system and method can further be optimized for large area detection, weak signal detection, the optical readout process, and data processing methods. Purpose-designed chips with radio-frequency features or simple IC chips can be analyzed first, and the technique can then be used for the detection of IC chip activity of increasing complexity (e.g., an FPGA or a microcontroller board). Beneficially, the dynamic activities of the IC chip can be shown when the chip is configured for various functionalities or when various code is running on the chip.
  • It will be apparent to those skilled in the art that various modifications and variations can be made to the structure of the present invention without departing from the scope or spirit of the invention. In view of the foregoing, it is intended that the present invention cover modifications and variations of this invention provided they fall within the scope of the following claims and their equivalents.

Claims (18)

What is claimed is:
1. A method for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip, comprising the steps of:
exciting nitrogen-vacancy (NV) centers of a diamond slide located in close proximity to the IC chip via use of light, resulting in an NV fluorescence;
providing an optical readout of the NV fluorescence, wherein the optical readout provides quantum states of the NV centers, thereby providing spectra of electromagnetic fields of the IC chip;
determining at least one of the group comprising clock frequencies of the IC chip, referred to herein as determined clock frequencies, and data bandwidth of the IC chip, referred to herein as determined data bandwidth of the IC chip, from the spectra of electromagnetic fields of the IC chip; and
comparing at least one of the group comprising determined clock frequencies and determined data bandwidth, to at least one of the group comprising expected clock frequencies of the IC chip and expected data bandwidth of the IC chip.
2. The method of claim 1, further comprising the step of applying an external bias direct current (DC) magnetic field for tuning resonant frequency of the NV centers, thereby influencing the NV fluorescence.
3. The method of claim 1, further comprising the step of separating the light used for exciting the NV centers, from the NV fluorescence.
4. The method of claim 1, further comprising the step of focusing the light used for exciting the NV centers to the diamond slide.
5. The method of claim 1, further comprising the step of preventing the light for exciting from damaging the IC chip via use of an isolation layer.
6. The method of claim 1, further comprising the step of focusing the NV fluorescence prior to the step of providing the optical readout of the NV fluorescence.
7. The method of claim 1, wherein the method is performed at runtime of the IC chip.
8. A system for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip, comprising:
an IC chip being tested;
a diamond slide having nitrogen-vacancy (NV) centers located on the IC chip being tested, where the diamond slide is placed in close proximity to the IC chip, either outside a package of the IC chip or inside the package of the IC chip;
a light source for exciting the NV centers resulting in an NV fluorescence;
an imager for providing an optical readout of the NV fluorescence, wherein the optical readout provides quantum states of the NV centers, thereby providing spectra of electromagnetic fields of the IC chip; and
a computer in communication with the imager for determining at least one of the group comprising clock frequencies of the IC chip, referred to herein as determined clock frequencies, and data bandwidth of the IC chip, referred to as determined data bandwidth of the IC chip, from the spectra of electromagnetic fields of the IC chip.
9. The system of claim 8, further comprising an electromagnet for applying an external bias direct current (DC) magnetic field for tuning resonant frequency of the NV centers, thereby influencing the NV fluorescence.
10. The system of claim 8, further comprising a beam splitter, for separating light from the source of light, from NV fluorescence.
11. The system of claim 8, further comprising a storage device for storing at least one of the group comprising expected clock frequencies of the IC chip being tested and expected bandwidth of the IC chip being tested.
12. The system of claim 11, wherein the computer further compares at least one of the group comprising determined clock frequencies and determined data bandwidth, to at least one of the group comprising expected clock frequencies and expected data bandwidth.
13. The system of claim 8, further comprising an isolation layer located between the IC chip and the diamond slide having NV centers for preventing light emitted by the light source from damaging the IC chip.
14. The system of claim 8, wherein the imager is selected from the group comprising a charge-coupled device (CCD) array, a CCD camera, and a CMOS camera.
15. The system of claim 8, further comprising an objective for focusing emitted light from the light source to the diamond slide.
16. The system of claim 15, wherein the objective also focuses NV fluorescence to the imager.
17. The system of claim 8, wherein the light source is a laser probe providing a green laser.
18. A method for detecting dynamic electromagnetic emission of an integrated circuit (IC) chip, comprising the steps of:
exciting nitrogen-vacancy (NV) centers of a diamond slide located in close proximity to the IC chip via use of light, resulting in an NV fluorescence;
providing an optical readout of the NV fluorescence, wherein the optical readout provides quantum states of the NV centers, thereby providing spectra of electromagnetic fields of the IC chip;
determining data characteristics of the IC chip from the spectra of electromagnetic fields of the IC chip when the IC chip transmits data; and
comparing the determined data characteristics to expected data characteristics of the IC chip to determine if a foreign device or software is affecting the tested IC chip.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
US15/766,845 (granted as US11041809B2) | 2015-10-08 | 2016-10-07 | Ultrahigh resolution dynamic IC chip activity detection for hardware security

Applications Claiming Priority (3)

Application Number | Priority Date | Filing Date | Title
US201562239045P | 2015-10-08 | 2015-10-08 |
US15/766,845 (granted as US11041809B2) | 2015-10-08 | 2016-10-07 | Ultrahigh resolution dynamic IC chip activity detection for hardware security
PCT/US2016/055937 (published as WO2017062735A1) | 2015-10-08 | 2016-10-07 | Ultrahigh resolution dynamic IC chip activity detection for hardware security

Publications (2)

Publication Number | Publication Date
US20180284026A1 | 2018-10-04
US11041809B2 | 2021-06-22

Family

ID=58488572

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
US15/766,845 (active, granted as US11041809B2) | Ultrahigh resolution dynamic IC chip activity detection for hardware security | 2015-10-08 | 2016-10-07

Country Status (2)

Country | Link
US | US11041809B2
WO | WO2017062735A1

DE10011411C2 (en) 2000-03-09 2003-08-14 Bosch Gmbh Robert Imaging fire detector
US20030014676A1 (en) 2001-07-13 2003-01-16 Tzong-Yu Wang Method of remote start of wireless transmission USB
US6859031B2 (en) * 2002-02-01 2005-02-22 Credence Systems Corporation Apparatus and method for dynamic diagnostic testing of integrated circuits
US8299858B2 (en) * 2008-02-07 2012-10-30 Dimension 4 Ltd. Device, system, and method of frequency generation using an atomic resonator
US8766630B2 (en) * 2008-11-04 2014-07-01 The University Of Melbourne Method and apparatus for monitoring a property of a sample
US9606167B2 (en) * 2011-08-03 2017-03-28 President And Fellows Of Harvard College System and method for detecting integrated circuit anomalies
US9337111B2 (en) * 2013-03-29 2016-05-10 Stmicroelectronics Pte Ltd Apparatus and method to attach a wireless communication device into a semiconductor package
EP2983102A1 (en) * 2014-08-07 2016-02-10 EM Microelectronic-Marin SA Integrated circuit with distributed clock tampering detectors

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10521897B2 (en) * 2016-07-22 2019-12-31 International Business Machines Corporation Using photonic emission to develop electromagnetic emission models
US11538147B2 (en) 2016-07-22 2022-12-27 International Business Machines Corporation Using photonic emission to develop electromagnetic emission models
WO2019158646A1 (en) * 2018-02-16 2019-08-22 Thales Device and method for frequency analysis of a signal
FR3078169A1 (en) * 2018-02-16 2019-08-23 Thales DEVICE AND METHOD FOR FREQUENCY ANALYSIS OF A SIGNAL
US11415609B2 (en) * 2018-02-16 2022-08-16 Thales Device and method for frequency analysis of a signal
CN110135161A (en) * 2019-05-23 2019-08-16 电子科技大学 A kind of On-wafer measurements method of hardware Trojan horse
US11519989B2 (en) 2020-01-30 2022-12-06 The Mitre Corporation High-resolution magnetic field fingerprinting of integrated circuit activity with a quantum diamond microscope
CN111460529A (en) * 2020-03-17 2020-07-28 中国电子产品可靠性与环境试验研究所((工业和信息化部电子第五研究所)(中国赛宝实验室)) Hardware Trojan horse detection and positioning method and system

Also Published As

Publication number Publication date
WO2017062735A1 (en) 2017-04-13
US11041809B2 (en) 2021-06-22

Similar Documents

Publication Publication Date Title
US11041809B2 (en) Ultrahigh resolution dynamic IC chip activity detection for hardware security
Lohrke et al. No place to hide: Contactless probing of secret data on FPGAs
US10395032B2 (en) Detection of malicious software, firmware, IP cores and circuitry via unintended emissions
Sayakkara et al. A survey of electromagnetic side-channel attacks and discussion on their case-progressing potential for digital forensics
Van Woudenberg et al. Practical optical fault injection on secure microcontrollers
Rahman et al. The key is left under the mat: On the inappropriate security assumption of logic locking schemes
JP6709845B2 (en) Systems, methods and devices for intrusion detection and analysis using power characteristics such as side channel information
Vashistha et al. Detecting hardware trojans inserted by untrusted foundry using physical inspection and advanced image processing
CN108352063B (en) System and method for area adaptive defect detection
Ferrigno et al. When AES blinks: introducing optical side channel
CN105229612B (en) The detection performed using the abnormal program of hardware based microarchitecture data
Skorobogatov Physical attacks and tamper resistance
Courbon et al. Semba: A sem based acquisition technique for fast invasive hardware trojan detection
Tajik et al. Pufmon: Security monitoring of fpgas using physically unclonable functions
Stellari et al. Verification of untrusted chips using trusted layout and emission measurements
Krachenfels et al. Real-world snapshots vs. theory: Questioning the t-probing security model
Skorobogatov Using optical emission analysis for estimating contribution to power analysis
TW201514927A (en) Adaptive local threshold and color filtering
US11519989B2 (en) High-resolution magnetic field fingerprinting of integrated circuit activity with a quantum diamond microscope
Krachenfels et al. Automatic Extraction of Secrets from the Transistor Jungle using Laser-Assisted Side-Channel Attacks
Rahman et al. Backside security assessment of modern SoCs
Stern et al. SPARTA-COTS: A laser probing approach for sequential trojan detection in COTS integrated circuits
Jain et al. Special session: Novel attacks on logic-locking
Stern et al. SPARTA: A laser probing approach for trojan detection
Krachenfels et al. Trojan awakener: Detecting dormant malicious hardware using laser logic state imaging

Legal Events

Date Code Title Description
AS Assignment

Owner name: PRESIDENT AND FELLOWS OF HARVARD COLLEGE, MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SHAO, LINBO;LONCAR, MARKO;SIGNING DATES FROM 20161215 TO 20161216;REEL/FRAME:045474/0593

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: SMAL); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT RECEIVED

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCF Information on status: patent grant

Free format text: PATENTED CASE